SWIF.ai

The Windows Multi Certificate Install Policy lets you deploy one or more certificates to Windows devices using a single policy. This is useful for:

Environments where devices need multiple certificates (for Wi‑Fi, VPN, applications, etc.)

- Bring Your Own Device (BYOD) scenarios
- Company-owned Windows devices
- Environments where devices need multiple certificates (for Wi‑Fi, VPN, applications, etc.)

This policy is designed to simplify certificate deployment by grouping multiple certificates into one configuration instead of managing separate policies for each certificate.

___________________________________________________________

Multiple certificates in one policy Deploy one or many certificates together as part of the same configuration.

Flexible device ownership Works for both:

- Company-owned Windows devices
- Employee-owned (BYOD) Windows devices

- Minimum OS: Windows 10 or later
- Platform: Windows

- Multiple certificates in one policy Deploy one or many certificates together as part of the same configuration.
- Flexible device ownership Works for both:
 - Company-owned Windows devices
 - Employee-owned (BYOD) Windows devices
- Modern Windows support
 - Minimum OS: Windows 10 or later
 - Platform: Windows

Minimum operating system: Windows 10 or later

- Minimum operating system: Windows 10 or later
- Supported platform: Windows
- Ownership types supported:
 - Company-owned
 - BYOD

Display name: Certificates Required: Yes Description: Defines the list of certificates that will be installed on the device. You can include a single certificate or multiple certificates in the same policy.

Each certificate entry must contain an Encoded Certificate value.

What it does: Installs all specified certificates on the target Windows device(s) when the policy is applied.

- Deploying a root or intermediate CA certificate to all devices
- Installing client authentication certificates for VPN or Wi‑Fi
- Distributing application-specific certificates

- What it does: Installs all specified certificates on the target Windows device(s) when the policy is applied.
- Typical uses:
 - Deploying a root or intermediate CA certificate to all devices
 - Installing client authentication certificates for VPN or Wi‑Fi
 - Distributing application-specific certificates

Display name: Encoded Certificate Required: Yes (for each certificate entry) Description: The certificate content, provided as a Base64‑encoded value in PEM format.

- Be in PEM format
- Be Base64‑encoded

This value represents the actual certificate that will be installed on the device.

- The certificate must:
 - Be in PEM format
 - Be Base64‑encoded
- This value represents the actual certificate that will be installed on the device.

When this policy is assigned to a Windows device:

The system reads the Certificates list from the policy.

For each certificate entry, it uses the Encoded Certificate value to install that certificate on the device.

All valid certificates included in the policy are deployed together as part of the same configuration.

1. The system reads the Certificates list from the policy.
2. For each certificate entry, it uses the Encoded Certificate value to install that certificate on the device.
3. All valid certificates included in the policy are deployed together as part of the same configuration.

If you later update the policy (for example, to add or remove a certificate), the changes are applied to devices according to your organization’s normal policy update behavior.

Use the Windows Multi Certificate Install Policy when:

You need to deploy several certificates at once to the same set of devices.

You want to simplify management by keeping multiple related certificates in a single policy instead of managing multiple separate policies.

You support both BYOD and company-owned Windows devices and want a unified way to distribute certificates.

- You need to deploy several certificates at once to the same set of devices.
- You want to simplify management by keeping multiple related certificates in a single policy instead of managing multiple separate policies.
- You support both BYOD and company-owned Windows devices and want a unified way to distribute certificates.

<a href="https://help.swif.ai/en/articles/12845856-windows-certificate-install-policy">Windows Certificate Install Policy</a> for single certificate installation. This policy was deprecated.

- <a href="https://help.swif.ai/en/articles/12845856-windows-certificate-install-policy">Windows Certificate Install Policy</a> for single certificate installation. This policy was deprecated.

Windows Multi Certificate Install Policy

Home

Product

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Empty Help Center

Uh oh. That page doesn’t exist.

Search results

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

Windows Multi Certificate Install Policy

Overview

Key capabilities

Requirements

Policy fields

Certificates

Encoded Certificate

How this policy is applied

When to use this policy

Related